The Week in Breach News: 08/25/21 – 08/31/21
Ransomware comes calling at a Nokia subsidiary, cyber criminals check data out of the Boston Public Library, personal data is snatched from Bangkok Airlines and 3 easy things to do to improve your clients’ security culture (and why that matters now more than ever).
Solve five of the most exhausting remote and hybrid security problems fast with this handy infographic! DOWNLOAD IT>>
SAC Wireless
Exploit: Ransomware
SAC Wireless: Mobile Network Services
Risk to Business: 1.486 = Extreme
AC Wireless, a US-based Nokia subsidiary, has disclosed a data breach following a ransomware attack attributed to the Conti ransomware gang. The company disclosed that personal information belonging to current and former employees (and their health plans’ dependents
or beneficiaries) was also stolen during the ransomware attack. Conti ransomware gang revealed on their leak site that they stole over 250 GB of data. The investigation and remediation is ongoing.
Individual Risk : 1.311 = Extreme
SAC Wireless has announced that they believe that the stolen files contain the following categories of personal info about current and former employees: name, date of birth, contact information (such as home address, email, and phone), government ID numbers (such as driver’s license, passport, or military ID), social security number, citizenship status, work information (such as title, salary, and evaluations), medical history, health insurance policy information, license plate numbers, digital signatures, certificates of marriage or birth, tax return information, and dependent/beneficiary names.
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business: Ransomware gangs are increasingly targeting the partners of major companies to find security flaws that enable them to gain valuable access or information that can then be translated into action against the major target.
ID Agent to the Rescue: What happens when you pay a ransom? Nothing good. See how the cash shakes down and how gangs make their money in Ransomware Exposed!. DOWNLOAD IT>>
Boston Public Library (BPL)
Exploit: Ransomware
Boston Public Library (BPL): Library System
Risk to Business: 2.336 = Severe
The Boston Public Library (BPL) has disclosed that its network was hit by a cyberattack leading to a system-wide technical outage. BPL serves almost 4 million visitors per year through its central library and twenty-five neighborhood branches, as well as millions more online. The library experienced a significant system outage and as well as disruption of its online library services. Branch It has been restored and online services are slowly being recovered.
Individual Impact: There has not yet been an announcement that employee, customer or consumer personal or financial information was compromised in this incident but the investigation is ongoing
Customers Impacted: 4 million
How It Could Affect Your Customers’ Business Government and government-adjacent municipal targets have been especially under the gun recently as cybercriminals seek easy routes to gaining big scores of personal data from targets with historically poor security.
ID Agent to the Rescue: Developing safe security practices is essential in today’s volatile threat atmosphere. Our Security Awareness Champion’s Guide helps explain complex risks in a fun way! DOWNLOAD IT>>
Envision Credit Union
Exploit: Ransomware
Envision Credit Union: Bank
Risk to Business: 1.673=Severe
The LockBit 2.0 ransomware group has threatened to publish stolen data of its newest target, Envision Credit Union in Florida, on August 30. Envision Credit Union disclosed to the media that recently began “experiencing technical difficulties on certain systems” after the LockBit announcement went up on the gang’s leak site. An investifation is ongoing and the bank has not yet disclosed exactly what (if any) data was stolen.
Individual Impact: There has not yet been an announcement that employee, customer or consumer personal or financial information was compromised in this incident but the investigation is ongoing
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business Financial services and fintec organizations have been a prime target for hackers recently, and regulators have not been shy about raising the alarm.
ID Agent to the Rescue: Make the most of opportunities to expand your MSP into security for at-risk sectors by leveraging the four essential elements for MSP success: Great Tech Stack, Culture, People, Processes. LEARN MORE>>
Atlanta Allergy & Asthma
Exploit: Hacking
Liquid: Cryptocurrency Exchange
Risk to Business: 1.917 = Severe
Atlanta Allergy & Asthma (AAA), the largest allergy treatment healthcare business in the region, is notifying 9,800 patients that they experienced a data breach that involved protected health information. Bloggers spotted the data on the dark web, where it had been posted by the Nefilim ransomware group, also known as Nempty. The gang nabbed 2.5 GB of data consisting of 597 files with PHI.
Individual Risk: 1.835 = Severe
The data seen by researchers includes what appears to be thousands of records for patients. The files are not just current or recent billing-related files but also included spreadsheets organized by type of health insurance, records on outstanding claims from 2017 and 2018 and more than 100 audits including a multi-page detailed review of a patient’s case.
Customers Impacted: 9,800
How It Could Affect Your Customers’ Business Medical data is a big revenue driver for cybercriminals but it is an even bigger revenue disaster for the medical practices that lose it to cybercrime.
ID Agent to the Rescue: Organizations are safer when everyone is on the cybersecurity team. Let us show you how to expand your menu into security awareness training in just 15 minutes! WATCH NOW>>
Germany – Puma
https://securityaffairs.co/wordpress/121617/cyber-crime/puma-available-marketo.html
Exploit: Hacking
Puma: Sportswear Brand
Risk to Business: 1.721 = Severe
Threat actors claim to have stolen data from German sportswear giant Puma. The cybercriminals announced the score in a post on a message board at the rising dark web marketplace Marketo claims to have about 1GB of data stolen from the company. Published samples contain the source code of internal management applications potentially linked to the company’s Product Management Portal.
Individual Impact: There has not yet been an announcement that employee, customer or consumer personal or financial information was compromised in this incident but the investigation is ongoing.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Hackers are hungry for data to turn for a quick profit in the booming dark web data markets. Reports note there are more than 150 bids on this little cache already.
ID Agent to the Rescue Building cyber resilience helps insulate companies from trouble like this. Learn more about why cyber resilience is the ticket to a safer future for your clients. GET THIS EBOOK>>
Learn to defend castles from cybercriminal invaders in our How to Build Your Cybersecurity Fortress webinar! WATCH NOW>>
Thailand – Bangkok Airways
Exploit: Ransomware
Bangkok Airways: Airline
Risk to Business: 1.802 = Severe
Bangkok Airways has announced that it has experienced a “cybersecurity attack which resulted in unauthorized and unlawful access to its information system”. There’s no word from the company about how many customers were involved in the breach or what timeframe the data came from, but they were quick to assure customers that no operations or aeronautics systems or data was impacted.
Individual Risk: 1.761 = Severe
The company said in a statement that their initial an investigation revealed that the names, nationalities, genders, phone numbers, emails, addresses, contact information, passport information, historical travel information, partial credit card information and special meal information for passengers of the airline were accessed by the hackers.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware is the weapon of choice for both run-of-the-mill cybercriminals and nation-state threat actors. Every business needs to be ready for it.
ID Agent to the Rescue: Ransomware was the story of the year in 2020, and it’s still the top story in 2021. See how its impact has shaped the future of cybercrime in The Global Year in Breach 2021. READ IT>>
Get the cheat codes to defeat cybercrime in our eBook The Security Awareness Champions Guide GET IT NOW>>
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
Risk scores for The Week in Breach are calculated using a formula that considers a wide range of factors related to the assessed breach.
See how ransomware really works, who gets paid & what’s next in our tell-all Ransomware Exposed! DOWNLOAD IT>>
Go Inside the Ink to Get the Inside Scoop on Cybercrime
Are you up to date on the latest news that can impact your business and your customers? Here’s a recap:
- How to Keep a Company Password Safe & Off the Dark Web
- Security Awareness Training Answers the Cost-Cutting Call
- Phishing Has Doubled US & UK Data Breaches (Plus Cyber Insurance Rates)
- Why Are Cloud Breaches Up by More Than a Third?
- Phishing Awareness Training Neglect Comes Back to Haunt Businesses
- The Week in Breach News: 08/18/21 – 08/24/21
Kaseya Patch Tuesday: – Patch notes & bug fixes for August 2021: SEE PATCH INFO>>
Resource Spotlight: Notch More Sales WINS!
Are you ready to fall into a highly profitable autumn? These webinars can help you gain new selling skills that will enable you to crush the competition!
4 Essential Elements for a Dominant, Security-Focused MSP
Dominate your market fast when you master 4 essential elements for success! WATCH NOW>>
The Ultimate MSP Sales Process Blueprint: Automation for the Win
See why security automation is the new revenue stream you’ve been searching for! WATCH NOW>>
Making a Battle Plan for Profit
Map out your MSP’s journey to greater success and explosive growth! WATCH NOW>>
Did You Miss…? This infographic shows you how to solve 5 sticky remote security problems. GET IT>>
Protection from cybercrime danger is easy when you deploy your secret weapon: security-savvy employees! WATCH WEBINAR>>
Why a Strong Security Culture is the Magic Bullet You’re Looking For (and 3 Ways to Help Your Client Build It)
The importance of building a strong security culture is something that is always considered a best practice for building a strong defense against cybercrime. But what does that really mean, and does it actually work? Data from several recent projects show that building a strong security culture does have big benefits – and neglecting a company’s security culture has big downsides too. From reducing employee errors leading to a data breach to sniffing out malicious insiders faster, a real dedication to secuurity on everyone’s part just keeps businesses safer. These three ways to help your clients boost their security culture aren’t just beneficial for your clients either. They’ll also help you differentiate your MSP from the competition, strengthen your reputation as a trusted partner and build your MRR.
See how to grow your business with a new revenue stream in the time it takes to drink a cup of coffee. LEARN MORE>>
Business Cybersecurity Has Plenty of Room for Improvement
IBM describes security culture in its blog as “both a mindset and mode of operation”. That’s a crucial distinction. Security today is about much more than just the solutions that your client has working for them and dangers presented to tech teams. It’s equally as important that your client’s people at every level are committed to making security a priority because they understand the importance of cybersecurity in the success of their organization. An estimated 60% of organizations that fall victim to a cyberattack go out of business within a year, and no one wants to join that club.
Yet, the state of business cybersecurity is still dire. A report in CISO Magazine detailed the danger: one in three small businesses with 50 or fewer employees rely on free or consumer-grade cybersecurity tools for all of their cyber defense, and one in five companies do not use any endpoint security whatsoever. The tidings from a survey by the Small Business Administration (SBA) are also grim. Just under 90% of small business owners think that their business is vulnerable to a cyberattack – and SMB owners are notorious for underestimating their risk.
When you’re helping a client or prospect build a digital defense plan that can stand up to the test of today’s complex cybersecurity challenges, you may not be taking the threadbare state of many organizations’ security culture into account accurately. Although it seems hard to believe, a great many businesses of every size still haven’t gotten the message that cybersecurity is directly tied to their success, but working your way around a few barriers and providing a bit of a wakeup call about the danger that even the smallest businesses face from cybercrime can make an enormous difference in the success of that defense plan.
Zero Trust security is a piece of cake when you’re sure you’re giving access to the right people at the right levels. SEE HOW TO DO IT>>
Security Culture Starts at the Top
Many businesses may form a weak security culture because the executives who make the budgets and sign the checks simply don’t make cybersecurity a priority and aren’t willing to pay for it. A report in Security Intelligence details the problems that security teams can face from an executive team that just doesn’t see why it’s a big deal. Just 9% of survey respondents cited digital security as the most important factor facing their businesses, and 18% ranked defense against cyberattacks, even insider threats, as the least important factor in their company’s success. An astonishing 60% of business leaders surveyed revealed that they didn’t have a defense against cyberattacks in place at all, let alone an incident response plan. Some of the executives surveyed knew that information security was important but hadn’t done anything about it, with 25% of them admitting that they wouldn’t know where to even start with SMB cybersecurity.
That is a huge problem for trying to develop the kind of security culture that stops cyberattacks. IBM cites simple bravado followed by unfamiliarity with potential risks as a strong driver of failure in top-down security culture – 60% of SMB owners feel that they will not face any kind of cybersecurity incidents. That’s far from the truth. In 2020, 80% of firms have seen an increase in cyberattacks, and for two in five that came in the form of a ransomware attack. Phishing is even more dangerous and misunderstood by business leaders. Getting executive buy-in is the biggest hurdle that MSPs have to overcome to help customers establish the security culture that they need.
Want to Borrow Our Sales and Marketing Teams? OK!
Get expert sales and marketing help to power up your MSP in a flash with Powered Services Pro. LEARN MORE>>
Blockers Stand in the Way of Progress
There are always obstacles to progress, and there are quite a few to overcome here, even after you get clients to see that they’re in danger of a cyberattack or data breach. Three major blockers stand between your clients and the kind of robust security culture that really increases cyber resilience and strengthens defenses. Addressing these points can help break through barriers and develop a solid foundation for building the security culture and cybersecurity savvy that your client needs to succeed.
Just like anything else about the atmosphere of their business, security culture requires effort and buy-in from the leadership team to really be seen as a priority for everyone. Employees aren’t going to take security policies or best practices seriously if they know that the boss doesn’t either. In the recently released SANS report Managing Human Cyber Risk 2021, strategic alignment is cited as one of the three biggest blockers to managing risk, with less than half of security professionals surveyed saying that they felt that they had the support that they needed from leadership to grow a strong security culture, and about 10% saying that they had no support at all.
You’d think money would be a notable hazard, but it’s time that was cited as a major stumbling block. Specifically, the time spent on promoting security awareness by the people in charge of doing that. While some companies are willing to buy solutions that can protect them from things like phishing, they’re not willing to really lay out the time or money necessary to make employees better at avoiding social engineering and other cybercriminal bait. The survey showed that a shocking 75% of the security awareness professionals surveyed spend less than half of their time on the job actually promoting security awareness. In an era of ever-growing risk and rapidly evolving threats that is not a good sign for many businesses.
The final piece of this terrible trio is the manner in which companies undertake security awareness training. Specifically, the fact that most companies sub training duties out to members of their IT staff. While those folks may be skilled cybersecurity hands, they are often not the people with the best “soft skills” to really impress upon their coworkers the real danger of phishing or the importance of taking security policies seriously. The SANS survey cites a lack of ability to distill complex technical jargon into understandable lessons for non-tech coworkers as a major flaw of handling training this way. Executives also have trouble believing that bringing in a training solution that includes automation will be less expensive than just having staffers handle it, no matter how much more effective it might be.
Explore the dark web with experts & get a deck of screenshots in Unveiling Cybercrime Markets on the Dark Web. WATCH NOW>>
How You Can Help
Close Training Gaps
More than 60% of businesses don’t do enough cybersecurity awareness training. Eliminate the time crunch for trainers by offering a better, easier to use security awareness training solution that’s totally affordable. Rather than relying on an ad-hoc educational system run by tech personnel when they have time (which is generally never), BullPhish ID offers an affordable training solution that can be automated to make training painless.
- Using plug-and-play phishing simulations, any business can run smooth, regular training nearly effortlessly. Plus, BullPhish ID goes way beyond just training employees about phishing.
- They’ll also learn the basics of compliance, how to spot threats like ransomware, good password handling practices and other cybersecurity essentials.
- All of this training can be delivered through a personalized portal that serves up memorable lessons using video that don’t include “geek speak”.
- Performance and improvement can be easily measured and demonstrated in simple, clear reports.
Start With Small Changes That Make a Big Impact
Guide clients who need a little help in determining exactly how to go about building a strong security culture into an area of security awareness that will give them plenty of bang for their buck: password safety. Over 40% of respondents in a 2020 study said that their organization had been compromised because of a bad, stolen or cracked password. Fortunately, that’s something that you can help them fix with secure identity and access management using Passly.
- They’ll get the value of multiple solutions in just one, including multifactor authentication, a compliance must-have and the single mitigation that stops 99% of password-based cybercrime cold.
- Plus, Passly rolls out in days not weeks thanks to seamless integration with over 1,00 common apps. Your clients will be able to quickly see their security improve quickly, improving their satisfaction.
- They’ll also be taking the first step down the road to zero trust security, a subject that has been widely reported on in coverage of new US federal cybersecurity policy, just by adding a tool that makes everyone’s credentials safer immediately.
Keep an Eye on People Who Aren’t Getting with the Program
Help your clients build the foundation for their new, improved security culture by encouraging them to foster an atmosphere that encourages honesty about security blunders. A third of employees in an IBM survey say they don’t report incidents for fear of getting in trouble, losing their jobs, being ridiculed or being forced to take security awareness training (which should never be used as a punishment). The unfortunate consequence of fear is that employees also won’t feel compelled or supported to turn in other employees that they see engaging in potentially malicious behavior like selling their password on the dark web. That’s where Dark Web ID comes in.
- The thriving cybercrime-as-a-service economy is tempting far too many employees to sell credentials and access, a quick way to turn a profit.
- Encourage clients to keep an eye out for company credentials that pop up in dark web markets no matter how they get there using a 24/7/365 monitoring dynamo like Dark Web ID.
If you’re ready to get started on helping your clients build a stronger security culture with support from the ID Agent digital risk protection platform, we’re ready to help. Contact one of our security solutions experts today and let’s get started.
Dive into a stream of new revenue with The Tools and Techniques for MSPs to Close More New Clients. WATCH NOW>>
Who’s Ready for a Connect IT Sneak Peek?
This year we have an amazing lineup of industry experts who are ready to share their hard-won knowledge with you in transformative workshops that will teach you how to build cyber resilience and keep moving forward to a bright future in any conditions.
Kaseya Security First Workshop Series: In 3 sessions, hone your incident response skills with experts who will walk you through what to do before, during and after a cyberattack occurs – and you’ll walk out of the sessions with a fully-formed incident response strategy.
FIU Cybersecurity Leadership & Strategy (CLS) Workshop: This workshop includes 3 sessions on geopolitics and conflict in cyberspace, threats against global supply chains, ransomware resilience and incident response. Attendees will receive a certificate of completion from Florida International University at no extra charge.
Cybersecurity Management Certification: In this 3-session workshop, Michael Steep, Executive Director, Stanford Engineering Center for Disruptive Technology and Digital Cities, will discuss the current state of cybersecurity, understanding the S.O.A.R. model and its application in cybersecurity.
Connect IT in Las Vegas will be an awesome 3 days of networking, learning, and fun while you get the first look at the innovation you can expect from Kaseya with our CEO Fred Voccola. LEARN MORE AND REGISTER NOW>>
Is your email domain protected against phishing? Are your customers? Find out now with the Graphus Domain Checker. CHECK NOW>>
Sep 02: Owning the Dark Web: How You Can Take Back Control REGISTER NOW>>
Sep 02: Connect IT Local: Washington DC REGISTER NOW>>
Sep 08: Phish & Chips: BullPhish ID Demo (DACH Special) REGISTER NOW>>
Sep 08: 5 Key Skills to Master When Selling Cybersecurity REGISTER NOW>>
Sep 09: Connect IT Local: Chicago REGISTER NOW>>
Sep 21: Connect IT Local: Denver REGISTER NOW>>
Sep 21-22: Robin Robins Roadshow: Washington DC REGISTER NOW>>
Sep 22-23: ASCII Success Summit REGISTER NOW>>
Sep 28-29: Robin Robins Road Show: Dallas REGISTER NOW>>
Oct 05: Connect IT Local: San Francisco REGISTER NOW>>
Oct 07: Connect IT Local: Seattle REGISTER NOW>>
Oct 21-22 Robin Robins Roadshow Newark REGISTER NOW>>
Oct 27-28: ASCII Success Summit Orlando REGISTER NOW>>
Oct 19-22: Connect IT in Las Vegas! REGISTER NOW>>
Oct 28-29: Robin Robins Road Show Chicago REGISTER NOW>>
Nov 02-03:Robin Robins Road Show Las Vegas REGISTER NOW>>
Nov 02-03 ASCII Success Summit Washington DC REGISTER NOW>>
Dec 07: Connect IT Local: Atlanta REGISTER NOW>>
Dec 08-09: ASCII Success Summit Anaheim REGISTER NOW>>
Dec 09: Connect IT M&A Symposium Miami REGISTER NOW>>
Are you ready to fight back against cybercrime? See where 2021’s threats are coming from and what’s next. DOWNLOAD THE REPORT>>
A Strong Security Culture is Your Secret Weapon
In a volatile risk landscape, businesses are looking for new ways to improve their security and avoid becoming victims of cybercrime like 2 in 5 SMBs did in 2020. But as businesses continue to grapple with the challenges of the continuing pandemic, and no one has the time or the budget to vet and purchase a bunch of new solutions.
Good news – you don’t really need to. One resource that you already have at your disposal is a more powerful defense against cybercrime than any software you can buy: your employees. By building and maintaining a strong security culture you can harness and direct the power of this asset, putting it to work to bolster your company’s security.
Making cybersecurity a priority starts with security-forward leadership at the top. If security is a priority for the boss, employees will make it a priority too. Establishing clear policies and procedures around cyber security that are enforced for everyone helps that focus carry weight for employees, and that makes them more likely to encourage compliance among their peers.
It’s also essential that everyone know that there is no penalty for reporting security concerns or mistakes to anyone. A third of employees in an IBM survey say they don’t report incidents for fear of getting in trouble, losing their jobs, being ridiculed or being forced to take security awareness training (which should never be used as a punishment). Every IT team would rather deal with a problem right away, before it becomes a nightmare, so making it easy for employees to report problems is just good business.
Provide your employees with support that they need to help out, and you’ll be pleasantly surprised at the result, Rely on a robust security awareness training program using a solution like BullPhish ID to teaches them about phishing and a host of other of cyber threats like ransomware and credential compromise. Empowered employees will feel like they’re part of the security team too, and that gets everyone on the same page to defend your business from cybercrime.
ID Agent Partners: Feel free to re-use this blog post (in part or in its entirety) for your own social media and marketing efforts. Please send an email to [email protected] to let us know – we love to hear about how our content works for you!
Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,850 MSPs in 30+ countries choose to Partner with ID Agent!
Check out an on-demand video demo of BullPhish ID or Dark Web ID WATCH NOW>>
See Graphus in action in an on-demand video demo WATCH NOW>>
Book your demo of Dark Web ID, BullPhish ID, RocketCyber or Graphus now!
We’d love to hear your story of security success with ID Agent. Contact our marketing/pr team to set up a meeting with our staff to tell the world about your experiences in our next case study! To learn more about how the ID Agent Digital Risk Protection Platform can secure your prosperity, book a personalized demo today.